Virtual DPO Services
- 1 full day per month for 12 months
- Unlimited questions at any time (reasonable use of course)
- Priority support in case of data breach
- Use of our DPO email if desired
- Use of our name as your assigned DPO if desired
Did you know that a website should display a ‘Privacy Notice’ not a ‘Privacy Policy’.
Your privacy policy should be specific to your organisation with highly detailed information on procedures and products as used in your organisation. It should be confidential to your company as hackers welcome that sort of information as a good starting point.
The first, and possibly best, piece of advice we have given to all our customers is ‘don’t lose any data’. This stacks up well when another of our teachings is considered – ‘the ICO are not looking for you’.
The second piece of advice is that ‘compliance is not possible’ and anyone offering to ‘make you compliant’ needs to be shown the door as they for sure have no genuine comprehension of the regulations and are only looking to extract cash from your wallet.
Think back to pre-25th May 2018 when consultants, companies and product vendors alike attempted to frighten us all by claiming a 4% of turnover fine would be the punishment for not purchasing their services or products. Who has egg on their faces now? Although plenty of them made lots of money using that tactic so probably don’t care much anyway.
We are genuine experts in GDPR and PECR, and by extension general data and privacy protection.
We assist and encourage GDPR adherence rather than compliance. A small matter of semantics but very important.
We bring pragmatism to the table and encourage a balance of risk and investment.
We openly point out that the ICO have publicly stated that they wish to work with companies rather than fine them. That is provided the company can be seen to have taken some steps, appropriate for their size and industry sector.
We are happy to have an informal chat, and/or to provide customer references as appropriate.
As part of our consultancy service we can offer:
- Service to becoming GDPR adherent
- Service to maintain GDPR adherence
- A full GDPR and PECR Pack
- Data discovery service
- A data protection officer
- Incident Management service
- Advice on technology to support data protection
- Data Protection Training
GDPR Pack contains:
- Privacy Notice
- Data Protection Policy
- GDPR Readiness Statement
- Multiple Procedures to cover all GDPR aspects
- Incident Response document
- Data Location and mapping
- Staff Training
- Technology Appraisal